Sun Microsystems 820433510 Server User Manual


 
In the JDBC realm, the server gets user credentials from a database. The Enterprise Server uses
the database information and the enabled JDBC realm option in the conguration le. For
digest authentication, a JDBC realm should be created with jdbcDigestRealm as the JAAS
context.
In the solaris realm the server gets user credentials from the Solaris operating system. This
realm is supported on the Solaris 9 OS and later. Consult your Solaris documentation for
information on managing users and groups in the solaris realm.
A custom realm is any other repository of user credentials, such as a relational database or
third-party component. For more information, see the Admin Console online help.
To Congure a JDBC Realm for aWeb, EJB Application
The Enterprise Server enables you to specify a user's credentials in the JDBC realm instead of in
the connection pool. Using the JDBC realm instead of the connection pool prevents other
applications from browsing the database tables for the user's credentials. A user's credentials are
the user's name and password.
Note By default, storage of passwords as clear text is not supported in the JDBC realm. Under
normal circumstances, passwords should not be stored as clear text.
Createthe database tables in whichto store theusers' credentials forthe realm.
How to create the database tables depends on the database that you are using.
Add theusers' credentials to thedatabase tables that you created in
Step 1.
How to add users' credentials to the database tables depends on the database that you are using.
Createa JDBC realm.
Use the Admin Console GUI for this purpose. For instructions for creating a JDBC realm, see the
online help for the Admin Console GUI.
Specify the realm thatyou createdin
Step 3 asthe realm forthe application.
To specify the realm, modify the appropriate deployment descriptor for your application:
For an enterpriseapplication in an EnterpriseArchive (EAR) le, modify the
sun-application.xml le.
For a web applicationin aWeb Application Archive (WAR)le, modify the web.xml le.
For an enterprisebean in an EJB JAR le,modify the sun-ejb-jar.xml le.
For more information about how to specify a realm, see
“How to Set a Realm for an Application
or Module” in Sun GlassFish Enterprise Server 2.1 Developer’s Guide
.
1
2
3
4
UnderstandingUsers,Groups,Roles,and Realms
Chapter9 • ConguringSecurity 107